Security Analyst

INTERVIEW= Onsite / VirtualJOB TYPE= HybridThe selected applicant will be expected to perform some combination of the following tasks:1. Develop and Manage Security Best Practices: Establish and maintain security best practices aligned with client's objectives.2. Assist with Development and Implementation of Security Policies and Procedures: Contribute to creating, deploying, and enforcing comprehensive security policies and procedures.3. Prepare Security Documentation: Create and maintain detailed security documentation to ensure accuracy and compliance with industry standards.4. Develop Risk Analysis and Security Reporting: Conduct risk assessments, develop mitigation strategies, and generate security reports to support informed decision-making.5. Monitor and Remediate Software or Hardware Vulnerabilities: Identify, monitor, and address vulnerabilities in software and hardware to safeguard client's assets.6. Evaluate Current and Future Security Tools and Systems: Assess existing and potential security tools and systems, providing recommendations for enhancements or new implementations.7. Respond to Security Incidents: Act as a primary responder to security events, executing incident response protocols and ensuring timely resolution.8. Conduct After-Action Reviews: Thoroughly review and analyze security incidents to identify root causes and lessons learned, producing after-action reports as needed.9. Mitigate Identified Risks: Implement strategies to mitigate risks identified through assessments and incident analyses.10. Educate IT and Program Areas About Security Policies: Train and inform IT teams and program areas on security policies to ensure widespread understanding and adherence.11. Submit and Oversee Change Control Process: Manage the change control process, ensuring all modifications are documented and compliant with client's standards.12. Document Hours Worked by Task(s): Accurately record hours spent on each task for accountability and project management purposes.13. Follow FWC IT Processes and Coordinate with Other client's IT Staff to Ensure Compliance with Standards: Adhere to Client's IT protocols and collaborate with IT staff to maintain compliance with organizational standards.14. Comply with and Enforce All Agency Policies, Procedures, and Security Policies: Adhere to and enforce all relevant agency and security policies and procedures.15. Provide Technical Training (Knowledge Transfer) to Office of Information Technology Support Staff Related to IT Security: Deliver technical training and facilitate knowledge transfer to IT support staff focused on information security .Qualification Requirements for Contractor1. Four or more years of combined IT and security work experience with a broad range of exposure to systems Analysis.2. Four or more years of experience with information technology security.3. Four or more years of experience with Firewall policies, implementation, and best practices.4. Two or more years of experience with cloud computing and cloud computing security.5. Requires knowledge of security issues, techniques, and implications across all existing.6. computer platforms.7. Must have good understanding of NIST cybersecurity Framework.8. Must have good understanding of NIST RMF.9. Must have a good understanding of MITRE framework.10. Must be CJIS certified or can become CJIS certified.Education1. Bachelors Degree in Computer Science, Information Systems, or other related field or equivalent work experience.2. Cyber Security Certifications examples: CISSP, Security +, OSCP, CISA.